XerXeS DoS - Wikileaks Hacking Tool

XerXes 

DoS Attack Video Part 2

The Hacking tool used to DoS Wikileaks

This is demonstration of a XerXes DoS Attack in action against atahadi.com

Whats new from the first demo video is that more is revealed about the attack technique.

See for yourself :

Activate FullScreen for a better experience 

Click on this link to view the first video

This second video of XerXeS shows more of the XerXeS dashboard, and reveals even more about the attack technique – It's an Enhanced version of XerXes able to dos secured Apache servers !

Take a look at 02.25 when he sets up the target server:

XerXes can now affect multiple server flavors – some still more are under development. 

This time he dropped a Secured server which is supposed have the Apache setup that is impervious to a XerXeS hit.  

Denial of Service (DoS) Attacks

The basic premise to this attack is that by sending (but never fully completing) numerous requests to Apache, one could get the Apache process to consume all system resources and stop serving up the actual web content.  

Exploitation

The Apache vulnerability is only the beginning, Xerxes will be able to hit IIS in the future. 

DoS or DDoS ? 

The attack is performed on a single low-spec computer, and while The Jester sends relatively few packets from his own machine, the attack results in brief outages of the target site. 

So he is not using any intermediaries or botnets, sorry for having wrote DDoS in my first post xD

You can view part 1 here: XerXes in action

You surely can follow Jester here:

http://twitter.com/th3j35t3r

Hackers attack Mastercard

OPERATION PAYBACK

If you tried going to MasterCard’s web site this morning you might have found yourself waiting a long time. Hackvists Hackers supporting WikiLeaks founder Julian Assange claim to have taken down the website of MasterCard, which shutdown its payment service to the controversial website on Monday. 

The hacktivist group dubbed Anon_Operation said in one tweet that "www.mastercard.com/ is down" and designated mastercard.com as their "current target" in what was taking the proportions of cyber war.

WikiLeaks has benefited from a massive groundswell of online support. Twitter is choked with messages of solidarity. The site's Facebook page has 1 million fans. And tech-savvy supporters are organizing boycotts and other stunts.  

 Operation:Payback occurs after the credit-card company withdrew its funding services for WikiLeaks. The whistleblower Web site’s founder Julian Assange was arrested yesterday and denied bail. He remains in the custody of British police.

View our previous post to see Xerxes, the tool used to ddos Wikileak, in action. A tool able to make a distributed denial of service attack, created by the jester...

Wikileak Xerxes Dos Attack

Want to have a look at the tools which Jester (the one who did a Ddos distributed denial of service) attack against Wikileaks ? Here you go :

Xerxes in Action

The tool used to Ddos Wikileak

Activate FullScreen for a better experience xD
and
View the preceding post to get the full story xD

Wikileaks hacked - Mass Distributed Denial of Service (ddos) attacks

Wikileaks under mass distributed denial of service attacks

Wikileaks, the famous whistle blower website has attracted high attention after publishing confidential information otherwise not available to the public.in April 2010, WikiLeaks posted video from a 2007 incident in which Iraqi civilians and journalists were killed by U.S. forces, on a website called Collateral Murder. In July of the same year, WikiLeaks released Afghan War Diary, documents about the War in Afghanistan not previously available for public review.

Just recently, Wikileaks says it is the target of a computer-hacking operation, ahead of a release of secret US documents.

DDOS (Distributed Denial of Service)

Distributed denial-of-service attack (DDoS attack)

In short: Distributed Denial of Service, or DDoS. A group of computer users or an organization distributed across multiple systems floods the host's servers with spurious requests for access, 

Is showed in the below graph,  traffic to one of Wikileak’s primary hosting provider> At approximately 10:05am EST, traffic abruptly jumps by 2-4 Gbps as the attack begins.

The attack was "exceeding 10 Gigabits a second" 

Another way to think of it is that someone, somewhere is demanding that the WikiLeaks cablegate site deliver the equivalent of 114 movies per second
.
That's a massive attack, but it's not as big as some it has survived in the past. So why did it have so much trouble today?

Amazon dropped it
On 2 December 2010 Amazon.com severed its ties with WikiLeaks, to which it was providing infrastructure services, after an intervention of an aide of US Senator Joe Lieberman. Amazon denied acting under political pressure citing a violation of its terms of service. Fuck !
DNS too (Dynamic Network Services Inc.)
On 2 December 2010 American owned EveryDNS dropped WikiLeaks from its entries, citing DDoS attacks that "threatened the stability of its infrastructure".The site's 'info' DNS lookup remained operational at alternative addresses for direct access respectively to the Wikileaks and Cablegate websites

The Hacker who took it down (The Jester) 

th3j35t3r

So who is this hacker?

The hacker, who calls himself The Jester and goes by the name th3j35t3r on Twitter, said he was motivated to take down WikiLeaks for patriotic reasons. He also said his other targets include Web sites used by Al Qaeda and other terrorists groups for recruiting purposes. 

What he used? - XerXeS

He apparently developed a multi-thread, thin-client denial of service attack application that effectively allows him to launch a distributed denial of service (DDOS) attack on a website from a single linux server.

The everal interviews with The Jester, along with two videos he made for Infosec Island that demonstrate the XerXeS Dos attack in action.